SAS PAVIQUA, hereinafter referred to as "We," attaches great importance to the protection and respect of your privacy. Through this document, we aim to provide clear and precise information regarding the collection and processing of personal data that you may provide us through the Luminmax website, hereinafter referred to as the "Site."
ART.1: PRIVACY RULES
The General Data Protection Regulation of April 27, 2016 (hereinafter GDPR) applies from May 25, 2018. It imposes strict rules and conditions on companies and merchants regarding the processing of personal data of their customers and prospects to protect their privacy.
ART.2: DATA PROCESSING CONTROLLER
The "data processing controller" of your personal data is SAS PAVIQUA, the owner of the Luminmax website you are accessing and providing data to.
ART.3: LEGAL BASIS FOR DATA PROCESSING AND USE
We can only use your personal data for legitimate and necessary purposes (Art. 6 of the GDPR). This means that we process your personal data, whether electronically or not, for legitimate purposes in the context of contractual relationships, business, and security. These purposes include, but are not limited to:
• Processing and executing your orders and contracts;
• Managing your account and business relationship;
• Sending you commercial, promotional, or advertising information about our services;
• Communication in the context of contract execution;
• Improving the design, layout, and overall functionality of the website;
• Analyzing data for statistical purposes.
ART.4: WHAT IS PERSONAL DATA?
Personal data includes all information about you through which you can be identified (hereinafter referred to as "the data"). Anonymous data that does not allow for your identification is not considered personal data. Your personal data may include:
• Data related to your identity (name, first name, address, VAT number, company number, etc.); • Data related to your personal status (phone number, personal email, etc.);
• Financial and transactional data (payment method data, bank account number, billing details, etc.);
• Data related to the execution of the contract concluded with us (contract purpose, billing address, professional data, etc.);
• Data related to the use of electronic equipment, such as computers (passwords, log data, electronic identification data, billing details, etc.); Sensitive data: The processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning the sex life or sexual orientation of a natural person, is prohibited. We are committed to strictly adhere to this prohibition.
ART.5: SOURCES AND ORIGINS OF PERSONAL DATA
In principle, the data we possess comes from you when you fill out a form. If you choose not to provide mandatory or necessary information, you may lose certain benefits and/or we may decide to terminate our services to you or be unable to execute the contract.
ART.6: ACCESS TO PERSONAL DATA - WITH WHOM DO WE SHARE YOUR INFORMATION?
In accordance with current regulations, data may be transmitted to competent authorities upon request, including public bodies, solely to comply with legal obligations, legal auxiliaries, judicial officers, and organizations responsible for debt recovery, as well as in cases of investigating authors of offenses committed on the internet. Your data is mainly for internal use. We may share your data with third-party companies that can process them for legitimate reasons, especially for the proper execution of the contract, when we use providers and subcontractors to fulfill orders or services provided by us (technical services, payment service, payment security, deliveries, commercial prospecting, etc.). We will only provide them with the data they need to perform their services. We will ensure that our subcontractors comply with GDPR regulations. The processing of data by these subcontractors is governed by strict legal frameworks.
ART.7: DATA RETENTION PERIOD
We implement the necessary measures to ensure that the retention of personal data for the purposes described above does not exceed the legal duration.
ART.8: WHAT ARE YOUR RIGHTS?
We are committed to taking appropriate technical and organizational measures to ensure the security of personal data processing for each individual (Art. 32 of the GDPR). According to applicable laws and regulations on personal data protection, you have several rights regarding your personal data:
• Right of access (Art. 15 of the GDPR) and information: You have the right to be informed in a concise, transparent, intelligible, and easily accessible manner of how your data is processed. You also have the right to obtain confirmation that data concerning you is being processed and, where applicable, access to your personal data and the right to obtain or request a copy to the extent reasonable.
• Right of rectification (Art. 16 of the GDPR): You have the right to obtain the rectification of inaccurate data concerning you. You also have the right to complete incomplete data.
• Right to be forgotten (or right to erasure - Art. 17 of the GDPR) and right to restriction of processing (Art. 18 of the GDPR): We are committed to granting the erasure of your personal data in particular in the following cases:
• Data no longer necessary for the purposes for which they were collected or processed;
• You object to the processing;
• Personal data have been processed unlawfully.
• Right to data portability (Art. 20 of the GDPR): You have the right to receive your data in a structured, commonly used, and machine-readable format for your personal use or for transmission to a third party of your choice.
• Right to withdraw consent at any time (Art. 7 of the GDPR): You can withdraw your consent to the processing of your data when processing is based on your consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
• Right to lodge a complaint (Art. 77 of the GDPR): You have the right to lodge a complaint at any time with the Privacy Commission if you consider that the processing of your personal data constitutes a violation of the GDPR. To exercise your rights, you can contact us by email : firstname.lastname@example.org
ART.9: OUR COMMITMENT
Our goal is to implement security techniques to protect stored data against unauthorized access, improper use, alteration, illegal or accidental destruction, and accidental loss.
ART.10: PROCEDURE IN CASE OF BREACHES
It is possible that personal data processed in the context of the contractual relationship may fall into the wrong hands due to human error, computer error, etc. When the breach presents a high risk to the rights and freedoms of the person, we will immediately inform them of the facts and measures. We will ensure that the necessary notification of the violation is made to the Privacy Commission within 72 hours after becoming aware of it, unless the breach does not present a high risk to the rights and freedoms of the person (Art. 32-34 of the GDPR).
You give your explicit, informed, and unambiguous consent to the processing of personal data as described in this Privacy Notice. You have the right to withdraw your consent at any time, upon written request. We reserve the right to modify this Privacy Notice.
• By email at the following address: email@example.com;
• By mail at the following address: SAS PAVIQUA 9A Parc d'activité Bel Air 84300 Les Taillades.